watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2026-02-18 11:35:37 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

API security updates.

Browse source
This commit is contained in:
Mike Cao 2020-09-11 13:49:43 -07:00
parent 01432266ef
commit 8e3286179a
7 changed files with 115 additions and 80 deletions
Download patch file Download diff file Expand all files Collapse all files

22
pages/api/account/[id].js
View file

@ -9,24 +9,20 @@ export default async (req, res) => {
const { id } = req.query;
const user_id = +id;
if (req.method === 'GET') {
if (is_admin) {
const account = await getAccountById(user_id);
return ok(res, account);
}
if (is_admin) {
return unauthorized(res);
}
if (req.method === 'GET') {
const account = await getAccountById(user_id);
return ok(res, account);
}
if (req.method === 'DELETE') {
if (is_admin) {
await deleteAccount(user_id);
await deleteAccount(user_id);
return ok(res);
}
return unauthorized(res);
return ok(res);
}
return methodNotAllowed(res);